Which definition describes JWT in regard to REST API security?
Which definition describes JWT in regard to REST API security?
A JWT (JSON Web Token) is an encoded JSON token that is used to securely exchange information. It is a compact, self-contained format for transmitting information between parties, often through a JSON object. While JWTs are frequently used for authentication and authorization in REST API security, their key purpose is to securely exchange information, regardless of the specific use-case.
JWT (JSON Web Token) is an encoded JSON token that is commonly used in REST API security for authentication and authorization. Therefore, the correct answer is D - "an encoded JSON token that is used for authentication".
D. an encoded JSON token that is used for authentication JSON Web Tokens (JWT) is an open standard for securely transmitting information between parties as a JSON object. In the context of REST API security, JWT is typically used for authentication purposes. It is a compact, URL-safe means of representing claims to be transferred between two parties. When a user authenticates with a REST API, the server generates a JWT token that contains user information, such as the user ID and access privileges. The token is then sent to the client, typically in the form of an HTTP header, and is included in subsequent requests to the API. The server then validates the token to ensure that it was issued by a trusted authority and that it has not been tampered with. If the token is valid, the server grants access to the requested resources. If the token is invalid or has expired, the server denies access to the resources. Therefore, the correct definition of JWT in regard to REST API security is that it is an encoded JSON token that is used for authentication.
C and D are correct. -this ciscodump is a wonderful journey
this is what my AI friend says on this matter: Both statements are correct. JWTs are used to securely transmit information between parties as a JSON object . This information can include authentication and authorization data, allowing the recipient to verify the identity of the sender and determine what resources they have access to . So while JWTs can be used for securely exchanging information, they are primarily used for authentication and authorization purposes.
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
JSON Web Token (JWT) is an open standard ( RFC 7519 ) that defines a compact and self-contained way for securely transmitting information between parties as a JSON
https://www.rfc-editor.org/rfc/rfc7519#ref-JWS https://en.wikipedia.org/wiki/JSON_Web_Token#Use https://medium.com/emblatech/secure-your-spring-restful-apis-with-jwt-a-real-world-example-bfdd2679db5f
And a week later... It's encoded It exchanges more info then just authentication https://jwt.io/introduction/ It's probably C :)
I still think the answer is D. JWT provides authentication, but technically it does not in itself provide security to the information that is being exchanged, because without HTTPS (TLS), the information can still be intercepted and the JWT can be stolen. But please correct me if I'm wrong!
Option C could also be considered correct because JWTs are indeed used to securely exchange information, but in the specific context of REST API security, D is the most accurate answer.
C is the best solution
it´s D
https://jwt.io/introduction for C we need also key
JWT, or JSON Web Token, is an encoded JSON token that is used to securely exchange information. It is a compact and self-contained way for securely transmitting information between parties as a JSON object. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA. They are commonly used for authentication and authorization in REST API security 2 3 . Therefore, the correct definition of JWT in regard to REST API security is: C. an encoded JSON token that is used to securely exchange information Option D is not the best choice because while JWTs can be used for authentication, they are not limited to that purpose. JWTs are designed to be a compact, self-contained way of securely transmitting information between parties as a JSON object. This makes them suitable for a wide range of use cases, including authentication, authorization, and information exchange. Therefore, it is more accurate to describe JWTs as an encoded JSON token that is used to securely exchange information, rather than exclusively for authentication.
JWT, which stands for JSON Web Token, is a technique defined in RFC 7519 for remote authentication between two parties. It is one of the most used ways to authenticate users in RESTful APIs. What is JSON Web Token? JWT (JSON Web Token) is an industry standard RCT 7519 method for performing two-party authentication via a signed token that authenticates a web request. This token is a Base64 code that stores JSON objects with the data that allow authentication of the request. https://www.devmedia.com.br/como-o-jwt-funciona/40265
I believe answer D, because "This token is a Base64 code that stores JSON objects with the data that allow authentication of the request."
Check this: https://www.examtopics.com/discussions/cisco/view/79793-exam-350-401-topic-1-question-427-discussion/#:~:text=Which%20definition%20describes%20JWT%20in,that%20is%20used%20for%20authentication